package io.renren.modules.efinance.controller;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import io.renren.common.utils.PageUtils;
import io.renren.common.utils.PasswordUtil;
import io.renren.common.utils.R;
import io.renren.common.utils.ShiroUtils;
import io.renren.modules.efinance.entity.AccountEntity;
import io.renren.modules.efinance.entity.BankcardEntity;
import io.renren.modules.efinance.entity.BindcardEntity;
import io.renren.modules.efinance.service.AccountService;
import io.renren.modules.efinance.service.BankcardService;
import io.renren.modules.efinance.service.BindcardService;
import io.renren.modules.efinance.vo.BindCardVo;
import io.renren.modules.sys.entity.SysUserEntity;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.Arrays;
import java.util.Date;
import java.util.Map;



/**
 *
 * @author lhf
 * @email i@lhf.com
 * @date 2022-06-24 17:18:43
 */
@RestController
@RequestMapping("efinance/bindcard")
public class BindcardController {
    @Autowired
    private BindcardService bindcardService;
    @Autowired
    private AccountService accountService;

    @Autowired
    private BankcardService bankcardService;

    /**
     * 列表，当前用户绑定的所有银行卡
     */
    @RequestMapping("/list")
    // @RequiresPermissions("efinance:bindcard:list")
    public R list(@RequestParam Map<String, Object> params){
        SysUserEntity principal= ShiroUtils.getUserEntity();
        params.put("account_id",principal.getUsername());
        PageUtils page = bindcardService.queryPage(params);

        return R.ok().put("page", page);
    }

    /**
     * 信息
     */
    @RequestMapping("/info/{bindcardId}")
    // @RequiresPermissions("efinance:bindcard:info")
    public R info(@PathVariable("bindcardId") Integer bindcardId){
		BindcardEntity bindcard = bindcardService.getById(bindcardId);

        return R.ok().put("bindcard", bindcard);
    }

    /**
     * 验证当前登录账户密码
     * @param vo
     */
    private void validAccountPassword(BindCardVo vo){
        AccountEntity entity = accountService.getOne(new QueryWrapper<AccountEntity>()
                .eq("account_name", ShiroUtils.getUserEntity().getUsername()));
        if(entity==null||!validPassword(vo.getAccountPassword(),entity.getAccountPassword(),entity.getSalt()))
            throw new RuntimeException("账户不存在或密码错误");
    }

    private boolean validPassword(String form,String dbPwd,String salt){
        String md5Password = PasswordUtil.getMD5Password(form, salt);
        return md5Password.equals(dbPwd);
    }

    /**
     * 保存，即绑定银行卡
     */
    @RequestMapping("/save")
    // @RequiresPermissions("efinance:bindcard:save")
    public R save(@RequestBody BindCardVo vo){
        // 验证账户密码
        validAccountPassword(vo);
        // 验证银行卡主人是否是当前用户
        validCardPassword(vo);
        bindcardService.save(getBindcardEntity(ShiroUtils.getUserEntity().getUsername(),vo));
        return R.ok();
    }

    // 验证本人是不是卡的主人
    private void validCardPassword(BindCardVo vo) {
        BankcardEntity card = bankcardService.getOne(new QueryWrapper<BankcardEntity>()
                .eq("bankcard_idcard", vo.getCardId()));
        if(card==null||!vo.getBankcardPassword().equals(card.getBankcardPassword()))
            throw new RuntimeException("银行卡不存在或银行卡密码错误");
    }

    private BindcardEntity getBindcardEntity(String accountId,BindCardVo vo){
        BindcardEntity entity = new BindcardEntity();
        entity.setAccountId(accountId);
        entity.setCardId(vo.getCardId());
        entity.setBindcardTime(new Date());
        return entity;
    }

    /**
     * 修改
     */
    @RequestMapping("/update")
    // @RequiresPermissions("efinance:bindcard:update")
    public R update(@RequestBody BindcardEntity bindcard){
		bindcardService.updateById(bindcard);

        return R.ok();
    }

    /**
     * 删除
     */
    @RequestMapping("/delete")
    // @RequiresPermissions("efinance:bindcard:delete")
    public R delete(@RequestBody Integer[] bindcardIds){
		bindcardService.removeByIds(Arrays.asList(bindcardIds));

        return R.ok();
    }

}
